The Rockridge Group
Senior Cybersecurity Engineer Job at The Rockridge Group in New York
The Rockridge Group, New York, NY, US
Job Description
Job Title: Senior Cybersecurity Engineer
Location: 405 Lexington Avenue, New York, NY 10174
Duration: FTE
Salary: up to $140k
Schedule: hybrid (in-office 2-3 days per week)
Based on the NYC vaccine mandate effective 12/27/2021, all employees will be required to show proof of vaccination in accordance with the mandate.
Job Summary:
The Senior Cybersecurity Engineer is responsible for keeping information systems secure, determining access requirements, and planning and implementing information security programs, to help protect against cybercrime threats, including malware, phishing, viruses, denial-of-service attacks, information warfare and hacking.
The position reports to the Director, Network & Security. The position also interfaces with varying levels of management, as well as functional counterparts at Company X.
Essential Duties:
- Incident prevention, detection, containment, and recovery across IT systems, including process development, incident response and reporting
- Administration and management of security technologies and products: Security Information and Event Management (SIEM), security automation, Data Loss Prevention (DLP), endpoint security (EDR), sandboxing, threat intelligence, pen testing & vulnerability management, identity management
- Experience with incident response, troubleshooting, and forensic analysis of malware events and vulnerability issues
- Regular security monitoring and identification of possible intrusion or breach
- Ability to use all available tools to conduct in-depth active and passive threat analysis and incident investigation, in order to identify security vulnerabilities or malicious activity
- Monitor and evaluate the effectiveness of security controls and alignment with security frameworks
- Participate in the creation and maintenance of security-related policies and procedures
- Collaborate with internal and external stakeholders to proactively prepare, recognize and respond to various attack patterns.
- Stay up to date with current security issues and regulations in the industry including researching latest findings, industry trends, and vendor-specific issues and resolutions; research and test new security tools
- Mentor and train junior resources.
Required Qualifications:
- Experience with network security monitoring systems for in-depth analysis of data and trends, including Splunk/Splunk ES (3+ years), Cisco AMP (1-2 years), Varonis (1-2 years)
- Practical expertise using Splunk SPL to extract actionable insights from security analytics, including the ability to manage and configure input from various data sources, run complex searches, generate reports, create alerts and dashboards, fine tune Splunk ES correlation searches, etc.
- Application of security architecture principles, standards, and controls to enterprise systems and system designs, including cloud environments (SaaS, PaaS, IaaS)
- Creating and testing security event procedures for alert management and incident response
- Knowledge of firewall/IPS devices and understanding of encryption and VPN technologies (IPSEC, SSL/TLS, GRE, DMVPN, etc.)
- Good verbal/written communication skills and the ability to manage critical situations and maintain positive relationships with colleagues and clients.
- Bachelor’s degree or equivalent in IT or related fields; industry accepted security certifications (CCNA Security, SANS, CISSP, etc.) a plus